Authentication

Fullstory MCP is in private beta and must be enabled for your Fullstory account before you can connect. If you're interested in being one of the first to try Fullstory MCP, sign up for the waitlist here.

The Fullstory MCP server supports two authentication methods:

• OAuth (default) — Best for individual users. On first connect, your MCP client opens a browser to sign in with Fullstory.
• API key — Best when you don't want a per-user browser sign-in, for example a gateway or shared service connecting to the MCP server on behalf of multiple users.

OAuth

On first connection, your MCP client will open a browser window to authorize with Fullstory. You will be prompted to grant the required scopes before the connection is established.

Add the following to your mcp.json (or equivalent configuration file for your AI client):

On first connect, the AI client will open Fullstory's authentication screen in your browser to sign in and grant permissions.

See Client Setup for step-by-step instructions for specific clients.

{
  "mcpServers": {
    "fullstory": {
      "type": "http",
      "url": "https://api.fullstory.com/mcp/fullstory"
    }
  }
}

API key

API key auth is useful when you don't want individual users signing in via OAuth, or when a gateway needs to reach the MCP server on behalf of multiple users. It's a slightly more manual setup than OAuth.

Step 1 — Create an API key

1. In Fullstory, go to Settings > Integrations > API Keys.
2. Click Create key.
3. Give the key a name and pick a permission level. We recommend Standard, the lowest level that works with the MCP server today.
4. When the modal appears, copy the key value and store it somewhere safe. The value is only shown once.

For details on key permission levels, see the server API authentication docs.

Step 2 — Configure your MCP client

Most MCP-compatible clients use an mcp.json (or equivalent). Pass the API key as a Bearer token in the Authorization header. The example below reads the key from a FULLSTORY_API_KEY environment variable so it isn't checked into source control:

{
  "mcpServers": {
    "fullstory": {
      "type": "http",
      "url": "https://api.fullstory.com/mcp/fullstory",
      "headers": {
        "Authorization": "Bearer ${FULLSTORY_API_KEY}"
      }
    }
  }
}

If your client uses a different config schema (for example "servers" instead of "mcpServers"), adapt the outer keys but keep the headers.Authorization value the same.

Step 3 — Install Fullstory skills (optional but recommended)

The Fullstory skills repo provides analytics and session-investigation skills that pair with the MCP server (under plugins/fullstory/skills). Most clients let you drop these into a skills folder and invoke them via slash commands.

If your setup is more custom or you run into trouble, reach out via the Slack community.